+ // Grab my hostname unless it's been specified
+ gethostname(hostname, sizeof(hostname));
+ stripdomain(hostname);
+ }
+
+ _statistics->start_time = _statistics->last_reset = time(NULL);
+
+#ifdef BGP
+ if (!(bgp_peers = shared_malloc(sizeof(struct bgp_peer) * BGP_NUM_PEERS)))
+ {
+ LOG(0, 0, 0, "Error doing malloc for bgp: %s\n", strerror(errno));
+ exit(1);
+ }
+#endif /* BGP */
+}
+
+static int assign_ip_address(sessionidt s)
+{
+ u32 i;
+ int best = -1;
+ time_t best_time = time_now;
+ char *u = session[s].user;
+ char reuse = 0;
+
+
+ CSTAT(call_assign_ip_address);
+
+ for (i = 1; i < ip_pool_size; i++)
+ {
+ if (!ip_address_pool[i].address || ip_address_pool[i].assigned)
+ continue;
+
+ if (!session[s].walled_garden && ip_address_pool[i].user[0] && !strcmp(u, ip_address_pool[i].user))
+ {
+ best = i;
+ reuse = 1;
+ break;
+ }
+
+ if (ip_address_pool[i].last < best_time)
+ {
+ best = i;
+ if (!(best_time = ip_address_pool[i].last))
+ break; // never used, grab this one
+ }
+ }
+
+ if (best < 0)
+ {
+ LOG(0, s, session[s].tunnel, "assign_ip_address(): out of addresses\n");
+ return 0;
+ }
+
+ session[s].ip = ip_address_pool[best].address;
+ session[s].ip_pool_index = best;
+ ip_address_pool[best].assigned = 1;
+ ip_address_pool[best].last = time_now;
+ ip_address_pool[best].session = s;
+ if (session[s].walled_garden)
+ /* Don't track addresses of users in walled garden (note: this
+ means that their address isn't "sticky" even if they get
+ un-gardened). */
+ ip_address_pool[best].user[0] = 0;
+ else
+ strncpy(ip_address_pool[best].user, u, sizeof(ip_address_pool[best].user) - 1);
+
+ STAT(ip_allocated);
+ LOG(4, s, session[s].tunnel, "assign_ip_address(): %s ip address %d from pool\n",
+ reuse ? "Reusing" : "Allocating", best);
+
+ return 1;
+}
+
+static void free_ip_address(sessionidt s)
+{
+ int i = session[s].ip_pool_index;
+
+
+ CSTAT(call_free_ip_address);
+
+ if (!session[s].ip)
+ return; // what the?
+
+ if (i < 0) // Is this actually part of the ip pool?
+ i = 0;
+
+ STAT(ip_freed);
+ cache_ipmap(session[s].ip, -i); // Change the mapping to point back to the ip pool index.
+ session[s].ip = 0;
+ ip_address_pool[i].assigned = 0;
+ ip_address_pool[i].session = 0;
+ ip_address_pool[i].last = time_now;
+}
+
+//
+// Fsck the address pool against the session table.
+// Normally only called when we become a master.
+//
+// This isn't perfect: We aren't keep tracking of which
+// users used to have an IP address.
+//
+void rebuild_address_pool(void)
+{
+ int i;
+
+ //
+ // Zero the IP pool allocation, and build
+ // a map from IP address to pool index.
+ for (i = 1; i < MAXIPPOOL; ++i)
+ {
+ ip_address_pool[i].assigned = 0;
+ ip_address_pool[i].session = 0;
+ if (!ip_address_pool[i].address)
+ continue;
+
+ cache_ipmap(ip_address_pool[i].address, -i); // Map pool IP to pool index.
+ }
+
+ for (i = 0; i < MAXSESSION; ++i)
+ {
+ int ipid;
+ if (!session[i].ip || !session[i].tunnel)
+ continue;
+ ipid = - lookup_ipmap(htonl(session[i].ip));
+
+ if (session[i].ip_pool_index < 0)
+ {
+ // Not allocated out of the pool.
+ if (ipid < 1) // Not found in the pool either? good.
+ continue;
+
+ LOG(0, i, 0, "Session %d has an IP address (%s) that was marked static, but is in the pool (%d)!\n",
+ i, fmtaddr(session[i].ip, 0), ipid);
+
+ // Fall through and process it as part of the pool.
+ }
+
+
+ if (ipid > MAXIPPOOL || ipid < 0)
+ {
+ LOG(0, i, 0, "Session %d has a pool IP that's not found in the pool! (%d)\n", i, ipid);
+ ipid = -1;
+ session[i].ip_pool_index = ipid;
+ continue;
+ }
+
+ ip_address_pool[ipid].assigned = 1;
+ ip_address_pool[ipid].session = i;
+ ip_address_pool[ipid].last = time_now;
+ strncpy(ip_address_pool[ipid].user, session[i].user, sizeof(ip_address_pool[ipid].user) - 1);
+ session[i].ip_pool_index = ipid;
+ cache_ipmap(session[i].ip, i); // Fix the ip map.
+ }
+}
+
+//
+// Fix the address pool to match a changed session.
+// (usually when the master sends us an update).
+static void fix_address_pool(int sid)
+{
+ int ipid;
+
+ ipid = session[sid].ip_pool_index;
+
+ if (ipid > ip_pool_size)
+ return; // Ignore it. rebuild_address_pool will fix it up.
+
+ if (ip_address_pool[ipid].address != session[sid].ip)
+ return; // Just ignore it. rebuild_address_pool will take care of it.
+
+ ip_address_pool[ipid].assigned = 1;
+ ip_address_pool[ipid].session = sid;
+ ip_address_pool[ipid].last = time_now;
+ strncpy(ip_address_pool[ipid].user, session[sid].user, sizeof(ip_address_pool[ipid].user) - 1);
+}
+
+//
+// Add a block of addresses to the IP pool to hand out.
+//
+static void add_to_ip_pool(u32 addr, u32 mask)
+{
+ int i;
+ if (mask == 0)
+ mask = 0xffffffff; // Host route only.
+
+ addr &= mask;
+
+ if (ip_pool_size >= MAXIPPOOL) // Pool is full!
+ return ;
+
+ for (i = addr ;(i & mask) == addr; ++i)
+ {
+ if ((i & 0xff) == 0 || (i&0xff) == 255)
+ continue; // Skip 0 and broadcast addresses.
+
+ ip_address_pool[ip_pool_size].address = i;
+ ip_address_pool[ip_pool_size].assigned = 0;
+ ++ip_pool_size;
+ if (ip_pool_size >= MAXIPPOOL)
+ {
+ LOG(0, 0, 0, "Overflowed IP pool adding %s\n", fmtaddr(htonl(addr), 0));
+ return;
+ }
+ }
+}
+
+// Initialize the IP address pool
+static void initippool()
+{
+ FILE *f;
+ char *p;
+ char buf[4096];
+ memset(ip_address_pool, 0, sizeof(ip_address_pool));
+
+ if (!(f = fopen(IPPOOLFILE, "r")))
+ {
+ LOG(0, 0, 0, "Can't load pool file " IPPOOLFILE ": %s\n", strerror(errno));
+ exit(1);
+ }
+
+ while (ip_pool_size < MAXIPPOOL && fgets(buf, 4096, f))
+ {
+ char *pool = buf;
+ buf[4095] = 0; // Force it to be zero terminated/
+
+ if (*buf == '#' || *buf == '\n')
+ continue; // Skip comments / blank lines
+ if ((p = (char *)strrchr(buf, '\n'))) *p = 0;
+ if ((p = (char *)strchr(buf, ':')))
+ {
+ ipt src;
+ *p = '\0';
+ src = inet_addr(buf);
+ if (src == INADDR_NONE)
+ {
+ LOG(0, 0, 0, "Invalid address pool IP %s\n", buf);
+ exit(1);
+ }
+ // This entry is for a specific IP only
+ if (src != config->bind_address)
+ continue;
+ *p = ':';
+ pool = p+1;
+ }
+ if ((p = (char *)strchr(pool, '/')))
+ {
+ // It's a range
+ int numbits = 0;
+ u32 start = 0, mask = 0;
+
+ LOG(2, 0, 0, "Adding IP address range %s\n", buf);
+ *p++ = 0;
+ if (!*p || !(numbits = atoi(p)))
+ {
+ LOG(0, 0, 0, "Invalid pool range %s\n", buf);
+ continue;
+ }
+ start = ntohl(inet_addr(pool));
+ mask = (u32)(pow(2, numbits) - 1) << (32 - numbits);
+
+ // Add a static route for this pool
+ LOG(5, 0, 0, "Adding route for address pool %s/%u\n",
+ fmtaddr(htonl(start), 0), 32 + mask);
+
+ routeset(0, start, mask, 0, 1);
+
+ add_to_ip_pool(start, mask);
+ }
+ else
+ {
+ // It's a single ip address
+ add_to_ip_pool(inet_addr(pool), 0);
+ }
+ }
+ fclose(f);
+ LOG(1, 0, 0, "IP address pool is %d addresses\n", ip_pool_size - 1);
+}
+
+void snoop_send_packet(char *packet, u16 size, ipt destination, u16 port)
+{
+ struct sockaddr_in snoop_addr = {0};
+ if (!destination || !port || snoopfd <= 0 || size <= 0 || !packet)
+ return;
+
+ snoop_addr.sin_family = AF_INET;
+ snoop_addr.sin_addr.s_addr = destination;
+ snoop_addr.sin_port = ntohs(port);
+
+ LOG(5, 0, 0, "Snooping packet at %p (%d bytes) to %s:%d\n",
+ packet, size, fmtaddr(snoop_addr.sin_addr.s_addr, 0),
+ htons(snoop_addr.sin_port));
+
+ if (sendto(snoopfd, packet, size, MSG_DONTWAIT | MSG_NOSIGNAL, (void *) &snoop_addr, sizeof(snoop_addr)) < 0)
+ LOG(0, 0, 0, "Error sending intercept packet: %s\n", strerror(errno));
+
+ STAT(packets_snooped);
+}
+
+static void dump_acct_info()
+{
+ char filename[1024];
+ char timestr[64];
+ time_t t = time(NULL);
+ int i;
+ FILE *f = NULL;
+
+
+ CSTAT(call_dump_acct_info);
+
+ strftime(timestr, 64, "%Y%m%d%H%M%S", localtime(&t));
+ snprintf(filename, 1024, "%s/%s", config->accounting_dir, timestr);
+
+ for (i = 0; i < MAXSESSION; i++)
+ {
+ if (!session[i].opened || !session[i].ip || !(session[i].cin || session[i].cout) || !*session[i].user || session[i].walled_garden)
+ continue;
+ if (!f)
+ {
+ time_t now = time(NULL);
+ if (!(f = fopen(filename, "w")))
+ {
+ LOG(0, 0, 0, "Can't write accounting info to %s: %s\n", filename, strerror(errno));
+ return ;
+ }
+ LOG(3, 0, 0, "Dumping accounting information to %s\n", filename);
+ fprintf(f, "# dslwatch.pl dump file V1.01\n"
+ "# host: %s\n"
+ "# time: %ld\n"
+ "# uptime: %ld\n"
+ "# format: username ip qos uptxoctets downrxoctets\n",
+ hostname,
+ now,
+ now - basetime);
+ }
+
+ LOG(4, 0, 0, "Dumping accounting information for %s\n", session[i].user);
+ fprintf(f, "%s %s %d %u %u\n",
+ session[i].user, // username
+ fmtaddr(htonl(session[i].ip), 0), // ip
+ (session[i].throttle_in || session[i].throttle_out) ? 2 : 1, // qos
+ (u32)session[i].cin, // uptxoctets
+ (u32)session[i].cout); // downrxoctets
+
+ session[i].pin = session[i].cin = 0;
+ session[i].pout = session[i].cout = 0;
+ }
+
+ if (f)
+ fclose(f);
+}
+
+// Main program
+int main(int argc, char *argv[])
+{
+ int i;
+ int optdebug = 0;
+ char *optconfig = CONFIGFILE;
+
+ time(&basetime); // start clock
+
+ // scan args
+ while ((i = getopt(argc, argv, "dvc:h:")) >= 0)
+ {
+ switch (i)
+ {
+ case 'd':
+ if (fork()) exit(0);
+ setsid();
+ freopen("/dev/null", "r", stdin);
+ freopen("/dev/null", "w", stdout);
+ freopen("/dev/null", "w", stderr);
+ break;
+ case 'v':
+ optdebug++;
+ break;
+ case 'c':
+ optconfig = optarg;
+ break;
+ case 'h':
+ snprintf(hostname, sizeof(hostname), "%s", optarg);
+ break;
+ default:
+ printf("Args are:\n"
+ "\t-d\t\tDetach from terminal\n"
+ "\t-c <file>\tConfig file\n"
+ "\t-h <hostname>\tForce hostname\n"
+ "\t-v\t\tDebug\n");
+
+ return (0);
+ break;
+ }
+ }
+
+ // Start the timer routine off
+ time(&time_now);
+ strftime(time_now_string, sizeof(time_now_string), "%Y-%m-%d %H:%M:%S", localtime(&time_now));
+ signal(SIGALRM, sigalrm_handler);
+ siginterrupt(SIGALRM, 0);
+
+ initplugins();
+ initdata(optdebug, optconfig);
+
+ init_cli(hostname);
+ read_config_file();
+ init_tbf(config->num_tbfs);
+
+ LOG(0, 0, 0, "L2TPNS version " VERSION "\n");
+ LOG(0, 0, 0, "Copyright (c) 2003, 2004 Optus Internet Engineering\n");
+ LOG(0, 0, 0, "Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced\n");
+ {
+ struct rlimit rlim;
+ rlim.rlim_cur = RLIM_INFINITY;
+ rlim.rlim_max = RLIM_INFINITY;
+ // Remove the maximum core size
+ if (setrlimit(RLIMIT_CORE, &rlim) < 0)
+ LOG(0, 0, 0, "Can't set ulimit: %s\n", strerror(errno));
+
+ // Make core dumps go to /tmp
+ chdir("/tmp");
+ }
+
+ if (config->scheduler_fifo)
+ {
+ int ret;
+ struct sched_param params = {0};
+ params.sched_priority = 1;
+
+ if (get_nprocs() < 2)
+ {
+ LOG(0, 0, 0, "Not using FIFO scheduler, there is only 1 processor in the system.\n");
+ config->scheduler_fifo = 0;
+ }
+ else
+ {
+ if ((ret = sched_setscheduler(0, SCHED_FIFO, ¶ms)) == 0)
+ {
+ LOG(1, 0, 0, "Using FIFO scheduler. Say goodbye to any other processes running\n");
+ }
+ else
+ {
+ LOG(0, 0, 0, "Error setting scheduler to FIFO: %s\n", strerror(errno));
+ config->scheduler_fifo = 0;
+ }
+ }
+ }
+
+ /* Set up the cluster communications port. */
+ if (cluster_init() < 0)
+ exit(1);
+
+#ifdef BGP
+ signal(SIGPIPE, SIG_IGN);
+ bgp_setup(config->as_number);
+ bgp_add_route(config->bind_address, 0xffffffff);
+ for (i = 0; i < BGP_NUM_PEERS; i++)
+ {
+ if (config->neighbour[i].name[0])
+ bgp_start(&bgp_peers[i], config->neighbour[i].name,
+ config->neighbour[i].as, config->neighbour[i].keepalive,
+ config->neighbour[i].hold, 0); /* 0 = routing disabled */
+ }
+#endif /* BGP */
+
+ inittun();
+ LOG(1, 0, 0, "Set up on interface %s\n", config->tundevice);
+
+ initudp();
+ initrad();
+ initippool();
+
+ read_state();
+
+ signal(SIGHUP, sighup_handler);
+ signal(SIGTERM, sigterm_handler);
+ signal(SIGINT, sigterm_handler);
+ signal(SIGQUIT, sigquit_handler);
+ signal(SIGCHLD, sigchild_handler);
+
+ // Prevent us from getting paged out
+ if (config->lock_pages)
+ {
+ if (!mlockall(MCL_CURRENT))
+ LOG(1, 0, 0, "Locking pages into memory\n");
+ else
+ LOG(0, 0, 0, "Can't lock pages: %s\n", strerror(errno));
+ }
+
+ alarm(1);
+
+ // Drop privileges here
+ if (config->target_uid > 0 && geteuid() == 0)
+ setuid(config->target_uid);
+
+ mainloop();
+
+#ifdef BGP
+ /* try to shut BGP down cleanly; with luck the sockets will be
+ writable since we're out of the select */
+ for (i = 0; i < BGP_NUM_PEERS; i++)
+ if (bgp_peers[i].state == Established)
+ bgp_stop(&bgp_peers[i]);
+#endif /* BGP */
+
+ /* remove plugins (so cleanup code gets run) */
+ plugins_done();
+
+ // Remove the PID file if we wrote it
+ if (config->wrote_pid && *config->pid_file == '/')
+ unlink(config->pid_file);
+
+ /* kill CLI children */
+ signal(SIGTERM, SIG_IGN);
+ kill(0, SIGTERM);
+ return 0;
+}
+
+static void sighup_handler(int sig)
+{
+ if (log_stream && log_stream != stderr)
+ {
+ fclose(log_stream);
+ log_stream = NULL;
+ }
+
+ read_config_file();
+}
+
+static void sigalrm_handler(int sig)
+{
+ // Log current traffic stats
+
+ snprintf(config->bandwidth, sizeof(config->bandwidth),
+ "UDP-ETH:%1.0f/%1.0f ETH-UDP:%1.0f/%1.0f TOTAL:%0.1f IN:%u OUT:%u",
+ (udp_rx / 1024.0 / 1024.0 * 8),
+ (eth_tx / 1024.0 / 1024.0 * 8),
+ (eth_rx / 1024.0 / 1024.0 * 8),
+ (udp_tx / 1024.0 / 1024.0 * 8),
+ ((udp_tx + udp_rx + eth_tx + eth_rx) / 1024.0 / 1024.0 * 8),
+ udp_rx_pkt, eth_rx_pkt);
+
+ udp_tx = udp_rx = 0;
+ udp_rx_pkt = eth_rx_pkt = 0;
+ eth_tx = eth_rx = 0;
+
+ if (config->dump_speed)
+ printf("%s\n", config->bandwidth);
+
+ // Update the internal time counter
+ time(&time_now);
+ strftime(time_now_string, sizeof(time_now_string), "%Y-%m-%d %H:%M:%S", localtime(&time_now));
+ alarm(1);
+
+ {
+ // Run timer hooks
+ struct param_timer p = { time_now };
+ run_plugins(PLUGIN_TIMER, &p);
+ }
+
+}
+
+static void sigterm_handler(int sig)
+{
+ LOG(1, 0, 0, "Shutting down cleanly\n");
+ if (config->save_state)
+ dump_state();
+
+ main_quit++;
+}
+
+static void sigquit_handler(int sig)
+{
+ int i;
+
+ LOG(1, 0, 0, "Shutting down without saving sessions\n");
+ for (i = 1; i < MAXSESSION; i++)
+ {
+ if (session[i].opened)
+ sessionkill(i, "L2TPNS Closing");
+ }
+ for (i = 1; i < MAXTUNNEL; i++)
+ {
+ if (tunnel[i].ip || tunnel[i].state)
+ tunnelshutdown(i, "L2TPNS Closing");
+ }
+
+ main_quit++;
+}
+
+static void sigchild_handler(int sig)
+{
+ while (waitpid(-1, NULL, WNOHANG) > 0)
+ ;
+}
+
+static void read_state()
+{
+ struct stat sb;
+ int i;
+ ippoolt itmp;
+ FILE *f;
+ char magic[sizeof(DUMP_MAGIC) - 1];
+ u32 buf[2];
+
+ if (!config->save_state)
+ {
+ unlink(STATEFILE);
+ return ;
+ }
+
+ if (stat(STATEFILE, &sb) < 0)
+ {
+ unlink(STATEFILE);
+ return ;
+ }
+
+ if (sb.st_mtime < (time(NULL) - 60))
+ {
+ LOG(0, 0, 0, "State file is too old to read, ignoring\n");
+ unlink(STATEFILE);
+ return ;
+ }
+
+ f = fopen(STATEFILE, "r");
+ unlink(STATEFILE);
+
+ if (!f)
+ {
+ LOG(0, 0, 0, "Can't read state file: %s\n", strerror(errno));
+ exit(1);
+ }
+
+ if (fread(magic, sizeof(magic), 1, f) != 1 || strncmp(magic, DUMP_MAGIC, sizeof(magic)))
+ {
+ LOG(0, 0, 0, "Bad state file magic\n");
+ exit(1);
+ }
+
+ LOG(1, 0, 0, "Reading state information\n");
+ if (fread(buf, sizeof(buf), 1, f) != 1 || buf[0] > MAXIPPOOL || buf[1] != sizeof(ippoolt))
+ {
+ LOG(0, 0, 0, "Error/mismatch reading ip pool header from state file\n");
+ exit(1);
+ }
+
+ if (buf[0] > ip_pool_size)
+ {
+ LOG(0, 0, 0, "ip pool has shrunk! state = %d, current = %d\n", buf[0], ip_pool_size);
+ exit(1);
+ }
+
+ LOG(2, 0, 0, "Loading %u ip addresses\n", buf[0]);
+ for (i = 0; i < buf[0]; i++)
+ {
+ if (fread(&itmp, sizeof(itmp), 1, f) != 1)
+ {
+ LOG(0, 0, 0, "Error reading ip %d from state file: %s\n", i, strerror(errno));
+ exit(1);
+ }
+
+ if (itmp.address != ip_address_pool[i].address)
+ {
+ LOG(0, 0, 0, "Mismatched ip %d from state file: pool may only be extended\n", i);
+ exit(1);
+ }
+
+ memcpy(&ip_address_pool[i], &itmp, sizeof(itmp));
+ }
+
+ if (fread(buf, sizeof(buf), 1, f) != 1 || buf[0] != MAXTUNNEL || buf[1] != sizeof(tunnelt))
+ {
+ LOG(0, 0, 0, "Error/mismatch reading tunnel header from state file\n");
+ exit(1);
+ }
+
+ LOG(2, 0, 0, "Loading %u tunnels\n", MAXTUNNEL);
+ if (fread(tunnel, sizeof(tunnelt), MAXTUNNEL, f) != MAXTUNNEL)
+ {
+ LOG(0, 0, 0, "Error reading tunnel data from state file\n");
+ exit(1);
+ }
+
+ for (i = 0; i < MAXTUNNEL; i++)
+ {
+ tunnel[i].controlc = 0;
+ tunnel[i].controls = NULL;
+ tunnel[i].controle = NULL;
+ if (*tunnel[i].hostname)
+ LOG(3, 0, 0, "Created tunnel for %s\n", tunnel[i].hostname);
+ }
+
+ if (fread(buf, sizeof(buf), 1, f) != 1 || buf[0] != MAXSESSION || buf[1] != sizeof(sessiont))
+ {
+ LOG(0, 0, 0, "Error/mismatch reading session header from state file\n");
+ exit(1);
+ }
+
+ LOG(2, 0, 0, "Loading %u sessions\n", MAXSESSION);
+ if (fread(session, sizeof(sessiont), MAXSESSION, f) != MAXSESSION)
+ {
+ LOG(0, 0, 0, "Error reading session data from state file\n");
+ exit(1);
+ }
+
+ for (i = 0; i < MAXSESSION; i++)
+ {
+ session[i].tbf_in = 0;
+ session[i].tbf_out = 0;
+ if (session[i].opened)
+ {
+ LOG(2, i, 0, "Loaded active session for user %s\n", session[i].user);
+ if (session[i].ip)
+ sessionsetup(session[i].tunnel, i);
+ }
+ }
+
+ fclose(f);
+ LOG(0, 0, 0, "Loaded saved state information\n");
+}
+
+static void dump_state()
+{
+ FILE *f;
+ u32 buf[2];
+
+ if (!config->save_state)
+ return;
+
+ do
+ {
+ if (!(f = fopen(STATEFILE, "w")))
+ break;
+
+ LOG(1, 0, 0, "Dumping state information\n");
+
+ if (fwrite(DUMP_MAGIC, sizeof(DUMP_MAGIC) - 1, 1, f) != 1)
+ break;
+
+ LOG(2, 0, 0, "Dumping %u ip addresses\n", ip_pool_size);
+ buf[0] = ip_pool_size;
+ buf[1] = sizeof(ippoolt);
+ if (fwrite(buf, sizeof(buf), 1, f) != 1)
+ break;
+ if (fwrite(ip_address_pool, sizeof(ippoolt), ip_pool_size, f) != ip_pool_size)
+ break;
+
+ LOG(2, 0, 0, "Dumping %u tunnels\n", MAXTUNNEL);
+ buf[0] = MAXTUNNEL;
+ buf[1] = sizeof(tunnelt);
+ if (fwrite(buf, sizeof(buf), 1, f) != 1)
+ break;
+ if (fwrite(tunnel, sizeof(tunnelt), MAXTUNNEL, f) != MAXTUNNEL)
+ break;
+
+ LOG(2, 0, 0, "Dumping %u sessions\n", MAXSESSION);
+ buf[0] = MAXSESSION;
+ buf[1] = sizeof(sessiont);
+ if (fwrite(buf, sizeof(buf), 1, f) != 1)
+ break;
+ if (fwrite(session, sizeof(sessiont), MAXSESSION, f) != MAXSESSION)
+ break;
+
+ if (fclose(f) == 0)
+ return ; // OK
+ }
+ while (0);
+
+ LOG(0, 0, 0, "Can't write state information: %s\n", strerror(errno));
+ unlink(STATEFILE);
+}
+
+static void build_chap_response(char *challenge, u8 id, u16 challenge_length, char **challenge_response)
+{
+ MD5_CTX ctx;
+ *challenge_response = NULL;
+
+ if (!*config->l2tpsecret)
+ {
+ LOG(0, 0, 0, "LNS requested CHAP authentication, but no l2tp secret is defined\n");
+ return;
+ }
+
+ LOG(4, 0, 0, " Building challenge response for CHAP request\n");
+
+ *challenge_response = (char *)calloc(17, 1);
+
+ MD5Init(&ctx);
+ MD5Update(&ctx, &id, 1);
+ MD5Update(&ctx, config->l2tpsecret, strlen(config->l2tpsecret));
+ MD5Update(&ctx, challenge, challenge_length);
+ MD5Final(*challenge_response, &ctx);
+
+ return;
+}
+
+static int facility_value(char *name)
+{
+ int i;
+ for (i = 0; facilitynames[i].c_name; i++)
+ {
+ if (strcmp(facilitynames[i].c_name, name) == 0)
+ return facilitynames[i].c_val;
+ }
+ return 0;
+}
+
+static void update_config()
+{
+ int i;
+ static int timeout = 0;
+ static int interval = 0;
+
+ // Update logging
+ closelog();
+ syslog_log = 0;
+ if (log_stream)
+ {
+ fclose(log_stream);
+ log_stream = NULL;
+ }
+ if (*config->log_filename)
+ {
+ if (strstr(config->log_filename, "syslog:") == config->log_filename)
+ {
+ char *p = config->log_filename + 7;
+ if (*p)
+ {
+ openlog("l2tpns", LOG_PID, facility_value(p));
+ syslog_log = 1;
+ }
+ }
+ else if (strchr(config->log_filename, '/') == config->log_filename)
+ {
+ if ((log_stream = fopen((char *)(config->log_filename), "a")))
+ {
+ fseek(log_stream, 0, SEEK_END);
+ setbuf(log_stream, NULL);
+ }
+ else
+ {
+ log_stream = stderr;
+ setbuf(log_stream, NULL);
+ }
+ }
+ }
+ else
+ {
+ log_stream = stderr;
+ setbuf(log_stream, NULL);
+ }
+
+
+ // Update radius
+ config->numradiusservers = 0;
+ for (i = 0; i < MAXRADSERVER; i++)
+ if (config->radiusserver[i])